Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Yrv5XiIaw8nqLXCACf8cmQCvmjo.roa
File: Yrv5XiIaw8nqLXCACf8cmQCvmjo.roa (raw, json)
Hash identifier: shw+sh2uEZdVKuhgnqZvoF7eiJZsUbTeJP0Mr1c/eAU=
Subject key identifier: 62:BB:F9:5E:22:1A:C3:C9:EA:2D:70:80:09:FF:1C:99:00:AF:9A:3A
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01944692E3C0B7A391EF9AC0BC88B2C8CC07
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Yrv5XiIaw8nqLXCACf8cmQCvmjo.roa
Signing time: Wed 08 Jan 2025 15:40:19 +0000
ROA not before: Wed 08 Jan 2025 15:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:92:e3:c0:b7:a3:91:ef:9a:c0:bc:88:b2:c8:cc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 8 15:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62bbf95e221ac3c9ea2d708009ff1c9900af9a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:61:03:09:95:cf:be:0c:f5:1a:73:69:17:d9:
48:ec:1e:1e:29:32:d4:df:00:f6:dd:97:f4:1e:d9:
72:09:6d:36:a7:d6:b9:6f:bf:8e:d4:c3:a3:8d:93:
f8:ee:33:e9:7f:b6:bc:7d:8c:b4:0d:9e:f2:3b:c7:
e4:12:69:30:05:38:9d:19:6d:03:cd:29:98:ca:ad:
b6:53:11:d4:5e:f1:d2:14:fa:3b:7e:75:71:01:2a:
d8:1a:78:a4:89:6b:85:2f:84:bc:57:15:09:c2:e2:
34:b6:99:dc:d2:55:12:b9:69:48:fc:67:fb:bb:fb:
6d:5d:17:19:f1:8a:47:53:a6:c7:94:ff:e6:93:29:
f3:29:ed:ca:ad:71:dc:f2:b2:48:e5:de:fe:30:8e:
d0:5f:d8:0a:5a:ec:02:e5:3d:c4:86:f0:ac:69:04:
2e:fe:75:e5:f3:a8:3f:b5:72:14:b0:43:6e:22:e3:
c4:b6:87:3d:9c:e7:9d:94:c7:33:f1:88:73:7b:b1:
01:59:77:cd:e7:55:07:5c:67:f9:6c:56:ff:e6:ef:
8d:8f:c7:f0:ba:09:08:3c:3e:07:9b:5e:9a:b2:52:
d9:5d:f7:64:0d:44:3e:ee:fb:93:be:c2:3e:ec:11:
56:b5:4c:e8:fe:3d:9d:1e:86:a0:0c:c9:ba:46:81:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BB:F9:5E:22:1A:C3:C9:EA:2D:70:80:09:FF:1C:99:00:AF:9A:3A
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Yrv5XiIaw8nqLXCACf8cmQCvmjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/24
Signature Algorithm: sha256WithRSAEncryption
82:a2:ca:8d:9d:02:52:1d:55:7d:43:5f:20:34:b6:6c:55:5e:
c5:74:90:c0:bf:f4:3e:ee:f9:15:8a:98:7c:a6:3d:7b:31:b2:
c3:bd:5c:58:c3:bf:3f:30:9f:64:c4:67:a9:26:25:37:67:15:
f4:35:e4:35:3e:63:4d:7e:3f:46:de:49:5e:4d:42:f9:5c:cb:
bc:61:75:2f:a8:cd:46:bf:de:2d:71:54:ce:2d:94:b1:12:84:
cb:97:ff:8f:67:18:c3:23:20:b2:c8:fc:18:d1:ad:f2:c4:ce:
d2:d3:c5:2e:73:25:a3:b1:1a:a4:f3:77:33:4b:d8:6d:5e:17:
6c:4e:79:5e:ae:29:64:c8:94:79:89:fd:a0:b6:24:dd:46:c9:
9f:ec:5e:ca:c1:f4:f0:d6:31:5b:81:4b:ae:ae:56:22:e2:88:
ec:3e:b1:43:e0:f8:cf:f0:cc:f9:d6:e5:d4:f9:ba:be:55:51:
b5:11:a3:7f:0a:a8:76:5d:a8:6d:23:c5:ff:08:a1:f6:f5:d0:
2b:85:ed:fe:3e:e4:c6:30:98:af:55:6f:b3:fc:51:21:45:c7:
8e:86:82:53:3d:05:bb:0f:18:5a:d1:5b:03:38:3e:4f:28:fb:
e1:b5:e3:cc:67:bf:2f:af:26:e6:a1:5f:4f:a3:ca:30:52:f1:
18:e1:54:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRGkuPAt6OR75rAvIiyyMwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTA4MTU0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJiZjk1ZTIyMWFjM2M5ZWEyZDcwODAwOWZmMWM5OTAwYWY5YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2EDCZXPvgz1GnNpF9lI7B4eKTLU
3wD23Zf0HtlyCW02p9a5b7+O1MOjjZP47jPpf7a8fYy0DZ7yO8fkEmkwBTidGW0D
zSmYyq22UxHUXvHSFPo7fnVxASrYGnikiWuFL4S8VxUJwuI0tpnc0lUSuWlI/Gf7
u/ttXRcZ8YpHU6bHlP/mkynzKe3KrXHc8rJI5d7+MI7QX9gKWuwC5T3EhvCsaQQu
/nXl86g/tXIUsENuIuPEtoc9nOedlMcz8Yhze7EBWXfN51UHXGf5bFb/5u+Nj8fw
ugkIPD4Hm16aslLZXfdkDUQ+7vuTvsI+7BFWtUzo/j2dHoagDMm6RoFnJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGK7+V4iGsPJ6i1wgAn/HJkAr5o6MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvWXJ2NVhpSWF3OG5xTFhDQUNmOGNtUUN2bWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjsWAwQA
1GiMMA0GCSqGSIb3DQEBCwUAA4IBAQCCosqNnQJSHVV9Q18gNLZsVV7FdJDAv/Q+
7vkViph8pj17MbLDvVxYw78/MJ9kxGepJiU3ZxX0NeQ1PmNNfj9G3kleTUL5XMu8
YXUvqM1Gv94tcVTOLZSxEoTLl/+PZxjDIyCyyPwY0a3yxM7S08UucyWjsRqk83cz
S9htXhdsTnlerilkyJR5if2gtiTdRsmf7F7KwfTw1jFbgUuurlYi4ojsPrFD4PjP
8Mz51uXU+bq+VVG1EaN/Cqh2XahtI8X/CKH29dArhe3+PuTGMJivVW+z/FEhRceO
hoJTPQW7Dxha0VsDOD5PKPvhtePMZ78vrybmoV9Po8owUvEY4VQr
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:07 2025 by rpki-client